This weekend I made some tests with phising sites and found they were not blocked!
One example testpage:
http://www.mozilla.com/firefox/its-a-trap.htmlOutput:
Code:
28/09/2009 09:10:52 127.0.0.1 GET 200 http://www.mozilla.com/img/tignish/template/header-background.png 475+545 VIRUS ClamAV: Sanesecurity.Rogue.295.UNOFFICIAL
But the site was not blocked.
What's the reason about?
Clamav is also finding a virus:
Code:
clamdscan -v header-background.png
/root/clam-test/header-background.png:Sanesecurity.Rogue.295.UNOFFICIAL FOUND
regards